diff --git a/server.yml b/server.yml
index 8b102d2..527a28c 100644
--- a/server.yml
+++ b/server.yml
@@ -417,6 +417,12 @@ files:
   - path: etc/nginx/ssl/privkey.pem
     source: ssl/privkey.pem
     mode: "0644"
+  - path: etc/nginx/ssl/ec_cert.pem
+    source: pkg/challenge/ssl/ec_cert.pem
+    mode: "0644"
+  - path: etc/nginx/ssl/ec_key.pem
+    source: pkg/challenge/ssl/ec_key.pem
+    mode: "0644"
   - path: etc/nginx/nginx-gw.conf
     contents: |
       user nginx;
@@ -568,8 +574,68 @@ files:
               listen [::]:443 default ssl;
               ssl_protocols TLSv1.2;
               ssl_prefer_server_ciphers on;
+              ssl_certificate /etc/nginx/ssl/ec_cert.pem;
+              ssl_certificate_key /etc/nginx/ssl/ec_key.pem;
+              location = /{
+                  return https://adlin.nemunai.re/;
+              }
+              location /challenge {
+                  proxy_pass        https://82.64.31.248/challenge;
+                  proxy_set_header  Host             adlin.nemunai.re;
+                  proxy_set_header  X-Forwarded-For  $remote_addr;
+                  proxy_set_header  X-Forwarded-By   172.23.200.1;
+                  proxy_set_header  X-Forwarded-Proto https;
+                  proxy_redirect    off;
+              }
+              location /toctoc {
+                  proxy_pass        https://82.64.31.248/toctoc;
+                  proxy_set_header  Host             adlin.nemunai.re;
+                  proxy_set_header  X-Forwarded-For  $remote_addr;
+                  proxy_set_header  X-Forwarded-By   172.23.200.1;
+                  proxy_set_header  X-Forwarded-Proto https;
+                  proxy_redirect    off;
+              }
+              location /echorequest {
+                  proxy_pass        https://82.64.31.248/echorequest;
+                  proxy_set_header  Host             adlin.nemunai.re;
+                  proxy_set_header  X-Forwarded-For  $remote_addr;
+                  proxy_set_header  X-Forwarded-By   172.23.200.1;
+                  proxy_set_header  X-Forwarded-Proto https;
+                  proxy_redirect    off;
+              }
+              location /testdisk {
+                  proxy_pass        https://82.64.31.248/testdisk;
+                  proxy_set_header  Host             adlin.nemunai.re;
+                  proxy_set_header  X-Forwarded-For  $remote_addr;
+                  proxy_set_header  X-Forwarded-By   172.23.200.1;
+                  proxy_set_header  X-Forwarded-Proto https;
+                  proxy_redirect    off;
+              }
+              location /sshkeys {
+                  proxy_pass        https://82.64.31.248/sshkeys;
+                  proxy_set_header  Host             adlin.nemunai.re;
+                  proxy_set_header  X-Forwarded-For  $remote_addr;
+                  proxy_set_header  X-Forwarded-By   172.23.200.1;
+                  proxy_set_header  X-Forwarded-Proto https;
+                  proxy_redirect    off;
+              }
+              location /api/students {
+                  proxy_pass        https://82.64.31.248;
+                  proxy_set_header  Host             adlin.nemunai.re;
+                  proxy_set_header  X-Forwarded-For  $remote_addr;
+                  proxy_set_header  X-Forwarded-By   172.23.200.1;
+                  proxy_set_header  X-Forwarded-Proto https;
+                  proxy_redirect    off;
+              }
+          }
+          server {
+              listen 443 ssl;
+              listen [::]:443 ssl;
+              ssl_protocols TLSv1.2;
+              ssl_prefer_server_ciphers on;
               ssl_certificate /etc/nginx/ssl/fullchain.pem;
               ssl_certificate_key /etc/nginx/ssl/privkey.pem;
+              server_name adlin.nemunai.re;
               location = /{
                   return https://adlin.nemunai.re/;
               }